3a281405dc495c161048d3bd860bff1785e4f9c4
2 # Get an AFS token for the given user.
4 # This is used to deliver mail with the appropriate credentials.
9 # - If user is root, call this script as $USER
11 # get-token $USER norecurse
12 # - Don't recursively call this script, even if user if root
16 LOGFILE
=/tmp
/exim
4/get-token-log.
$USER
18 if [ "$REALUSER" = "root" ]; then
20 echo "Error: running as root even after trying to change to $USER" \
25 # Decide whether the user exists: getent returns 0 error code if so
26 getent passwd
"$USER" >/dev
/null
28 echo "$USER is not a local user, so ignoring them"
31 exec su
$USER -c "$0 $1 norecurse"
35 # fuse stdin and stderr
38 # all future output goes to this file
42 echo "Running as user $REALUSER"
44 # set the credentials cache
45 export KRB5CCNAME
=FILE
:/tmp
/exim
4/krb5cc_
$USER.email
47 # eliminate any previous tokens
50 KEYTAB
=/etc
/keytabs
/user.daemon
/$USER
52 # display command-to-be-invoked as a sanity check
53 echo kinit
-kt $KEYTAB $USER/daemon@HCOOP.NET
55 kinit
-kt $KEYTAB $USER/daemon@HCOOP.NET
58 # list tokens, for the sake of debugging